UNCLASSIFIED - NO CUI


OSCAL Dynamic Schema Validation

Cody Williams requested to merge oscal_dynamic into master

General MR

Summary

OSCAL version updates are difficult to change/validate, as they currently rely on /oscal/oscal_component_schema.json, but every bigbang-package has an oscal-component.yaml that identifies its schema version. If you change the Pipeline Template version, all bigbang-package pipelines will fail until they are also migrated. Similarly, if you try to change the package first, it will either fail OR you simply can't use any new schema features until migration of the entire ecosystem is complete.

This method intends to pull the oscal-component definition from the package and collect the relevant schema from upstream. These could be moved internally as well, to reduce bandwidth and harden against upstream (GitHub) outages, but maintaining a prospective internal repository was outside of the scope of this MR.

Relevant logs/screenshots

package-validation!256 (closed)

This pipeline displays this in action. The OSCAL Component can be updated to any version between 1.0.4 and 1.1.1 (and previous and presumably future) and it will work similarly.
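
A sketch of the version-driven schema lookup described in the summary, added here as an example and not taken from this merge request's code. The upstream URL pattern and the SHA-256 pin table are assumptions, and the field is read with a regular expression rather than a YAML parser so the block needs only the standard library.

```python
"""Resolve the OSCAL schema to validate against from a package's oscal-component.yaml."""
import hashlib
import re

# Assumed upstream layout (not stated in the MR): NIST release assets on GitHub.
SCHEMA_URL = ("https://github.com/usnistgov/OSCAL/releases/download/"
              "v{version}/oscal_component_schema.json")

# Strict x.y.z only, so the package-supplied value can never alter the URL path or host.
VERSION_RE = re.compile(r"\d{1,3}\.\d{1,3}\.\d{1,3}")
# Matches the metadata field `oscal-version: 1.1.1`, quoted or not, ignoring comments.
FIELD_RE = re.compile(r"^[ \t]*oscal-version:[ \t]*([^#\n]*)", re.MULTILINE)


def oscal_version(yaml_text: str) -> str:
    """Return the single declared oscal-version, or raise ValueError."""
    found = FIELD_RE.findall(yaml_text)
    if len(found) != 1:
        raise ValueError(f"expected one oscal-version field, found {len(found)}")
    version = found[0].strip().strip("\"'")
    if not VERSION_RE.fullmatch(version):
        raise ValueError(f"refusing non-semver oscal-version: {version!r}")
    return version


def schema_url(yaml_text: str) -> str:
    """Build the schema download URL for the version the package declares."""
    return SCHEMA_URL.format(version=oscal_version(yaml_text))


def schema_is_pinned(schema_bytes: bytes, version: str, pins: dict) -> bool:
    """True only if the fetched schema matches the reviewed SHA-256 for that version."""
    expected = pins.get(version)
    return expected is not None and hashlib.sha256(schema_bytes).hexdigest() == expected


# Constructed sample input, shaped like a package's oscal-component.yaml.
SAMPLE = """\
component-definition:
  uuid: 00000000-0000-4000-8000-000000000000
  metadata:
    title: Example Package
    version: "20240101"
    oscal-version: 1.1.1
"""

if __name__ == "__main__":
    print(schema_url(SAMPLE))
```

Because the version string comes from the package under test, rejecting anything that is not plain `x.y.z` keeps it from steering the download elsewhere, and the digest pin gives the pipeline a fixed reference for each schema it accepts from upstream.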
